Closed ihudedi closed 4 years ago
Yes I think so.
Try calling UnifiedResponseDefaultSettings.setAllowMimeSniffing (true);
on application startup. That should remove the header globally.
Hi Philip, We are not using servlet. Is it also use this method when not using servlet? Thanks, Itay
Hi Itay, Than I assume that the header is not added by as2-lib but by one of your reverse proxies, web application firewalls or the like. I couldn't find any place, where I add the header outside of the UnifiedResponse stuff. hth, Philip
Hi Itay, did you find it?
Hi Philip, Yes I found it.Those params are added by default by spring security.It's not related to the AS2 code. Thanks, Itay
Hi Philip, Customer asked to stop sending the X-Content-Type-Options header or any other non-compliant headers in the AS2 MDN. See this link : https://www.ibm.com/support/pages/node/294385 Can we disable this param when sending the MDN reciept. Thanks, Itay.